As security vendors double down on ANZ, businesses must tap resources to survive 2017 unscathed

By David Braue

CSO|

The looming opening of Cisco Systems’ new ANZ headquarters is the latest in a series of investments that confirm security vendors are serious about establishing themselves within the increasingly problematic cybersecurity landscape expected to dominate strategizing during 2017.

Set to officially debut next week, Cisco’s new North Sydney office joins recent ANZ office investments from the likes of Mimecast, Trend Micro, Cylance and Splunk, all of which have expanded existing facilities or built new ones to house growing teams of security specialists.

These resources will be targeted at winning new customers and deepening engagements with existing businesses, which on the whole are expecting more IT-security budget than they’re likely to actually receive in this or coming fiscal years.

The urgency of such requirements was evident in the recent Trustwave-Osterman Research Study of Cybersecurity Resource Limitations, which identified ongoing challenges in finding and attracting skilled security staff.

Some 57 percent of organisations responding to that survey said it was a “significant” or “major” challenge finding and recruiting IT security staff with the right skill sets.

Less than half of IT-security departments were perceived to have the skills and training to handle complex issues, while just 1 in 9 respondents said it was “very likely” that they would have adequate IT security staff to meet their future security demands.

Those are dire numbers for a business function that has increased in stature and importance as the tide of cybersecurity attacks continues to rise. Yet despite the surfeit of investment in the Australian market, companies need to make sure they are investing in the right way.

Despite using the best technology available, BakerHostetler forensic security analyst Craig Hoffman warned that many companies continue to be breached due to errors by “fallible” humans.

“Most incidents are not the result of a sophisticated, never-before-seen, unpreventable attack,” he writes, noting that forensic review often includes the findings that the attack could have been prevent by paying better attention to basic security measures; clamping down on unknown data and devices on the network; more-verbose logging to improve analysis; refining techniques for reviewing logs; and more.

Many companies ultimately determined “that assumptions about a vendor’s role in maintaining and managing the security of the service it is offering may have been wrong,” Hoffman warned – reflecting the kind of problems that beset the Australian Census last August when neither the Australian Bureau of Statistics nor primary contractor IBM managed to implement appropriate DDos protections.

Businesses concerned about their security posture should also engage with forensic investigators before an incident so they can respond more quickly when something happens.

Finally, Hoffman warned, businesses need to be careful not to delegate all responsibility for security to IT or the security team. “It takes an enterprise-wide approach to address this enterprise risk,” he writes, noting that new threats from Internet of Things, ransomware and denial of service tools “demonstrate that maintaining operational resiliency is as important as preventing data theft.”

With 2017 sure to present as confronting a cybersecurity environment as 2016 – or worse – developing appropriate strategies remains crucial for businesses of all sizes. And while ongoing industry investments in Australia and the region suggest there are more resources available when they’re needed, all signs suggest that businesses will need to improve their overall security posture dramatically to make it through the year unscathed.